Observatory

News

News website EurActiv says the German power utility specializing in renewable energy 50Hertz was attacked two weeks ago through a denial of service (DDoS) backed up by a botnet. Company access to the Internet was impossible for five days, but the energy supply of the company was not affected. Cybercriminals are increasingly resorting to DDoS to extort money from company which sometime prefer to pay up rather than find a difficult technical and legal solution to the attacks. Though the IP addresses of the attackers point out to Kiev and Moscow, it is hard to trace exactly where the attack originally came from. The attack highlights cybercriminals‚Äô new interest in attacking Smart Grid energy systems, which now constitute a prime target because of their connectedness to the wider web. Experts believe 80% of electricity users in the EU will be equipped with smart meters by 2020.

The Pentagon‚Äôs Defense Advanced Research Projects Agency (DARPA) has begun working on a project that aims at identifying backdoors in commercial IT devices. A backdoor is a secretly implanted code that makes the device function in ways unintended by the user, for example by spying on him. The aim is to find a way to identify quickly and automatically backdoors instead of vetting each device one by one like it is done currently. DARPA‚Äôs VET program will ‚Äúlook for innovative, large-scale approaches to verifying the security and functionality of commodity IT devices‚ÄĚ. American authorities suspect Chinese telecoms Huawei and ZTE of selling devices equipped with such backdoors in the United States, a threat some senators have called a ‚Äúdanger for national security‚ÄĚ at a recent congressional hearing.

Admirals Card and Rogers of the US Navy have just signed three documents that will constitute the main strategy for the Navy for the years to come in the field of cyberwarfare. These are: the Navy Strategy for Achieving Information Dominance 2013-2017, Navy Cyber Power 2020, and the Navy Information Dominance Corps Human Capital Strategy 2012-2017. At the heart of these strategies is the idea that cyberspace has transformed from an enabler of combat into a weapon per se. The U.S. Navy is also aware that it has become crucial to develop and sustain a substantial workforce in the field of cyberwarfare, an issue which the third document specifically addresses.

Google has recently published its second Transparency Report for the year 2012, indicating that the number of government requests for information on individuals has risen sharply since the last report. In total, 20938 requests for information from world governments were submitted to Google. Denmark, Ireland and Norway sent the least requests, while the US, India and Brazil topped the list. Google does not always respond to these requests: while 90% of those coming from US authorities were honored, French ones were only satisfied 42% of the time.

The Associated Press reveals that Mitt Romney’s campaign staff used data-mining methods to increase the efficiency of its fundraising efforts. A company called Buxton Co. was in charge of buying databases which contained personal information on thousands of people, such as their church attendance or consumption habits. The fundraising team would then determine thanks to that data which people were more likely to hand out big checks to the campaign. One of the first tests was to identify individuals in the San Francisco area who would be comfortable giving 2500$ and more the the campaign. Such databases, usually used by retail stores, are known as psychographic data analysis.

President Barack Obama has recently signed a secret directive to better define how the US military organizes itself in cyberspace and what type of operations it can conduct. Actions outside of government networks, which some would call “offensive”, and for which Secretary Leon Panetta has recently pushed for, are now delineated. According to the Washington Post, the directive also settles the recurring “debate among government agencies about who is authorized to take what sorts of actions in cyberspace and with what level of permission.”

During an Information Security Forum Conference in Chicago, the European Commissioner for the digital agenda, Neelie Kroes, addressed the issue of cyber-security. Having stated that Europe needs to do more to take the issue of information security into account, she asserted her will to implement a European Strategy for Cyber-Security focused on resilience of networks and the fight against cybercrime.

The UNODC (United Nations Office on Drugs and Crime) announced the publication of a report on cyber-terrorism on Monday. The aim of the publication is to provide ‚Äúeffective criminal justice responses to this transnational challenge‚ÄĚ. Here, the term ‚Äúcyber-terrorism‚ÄĚ as used by the Office includes the use of the Internet by terrorists to recruit, disseminate information and plan attacks.

In order to meet the demand for cyber security professionals in the fields of biometrics, computer science, computer engineering and telecommunications, the American Navy is offering scholarships for master‚Äôs and doctorate level work through the Department of Defense Information Assurance Scholarship Program to civilian and military personnel. The deadline for submission of applications is January 15, 2013.